Research
Security News
Malicious npm Packages Inject SSH Backdoors via Typosquatted Libraries
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
@browserbox/browserbox
Advanced tools
BrowserBox - interactive images that embed web contents. A WebView for the open web, an unrestricted IFRAME element, a CORS-proxy, and reverse proxy. Secure remote browser isolation and document viewer, by DOSAYGO.
<img style width=80 height=80 src=https://raw.githubusercontent.com/BrowserBox/BrowserBox/boss/docs/icon.svg alt='BrowserBox Logo 2023'> | BrowserBox |
---|
Español (Spanish) | עברית (Hebrew) | हिन्दी (Hindi) | Français (French) | Русский (Russian) | العربية (Arabic) | 中文 (Chinese) | اردو (Urdu)
BrowserBox: a browser you run on a server, rather than your local device. The web browser becomes a web app. Abstract your web content. Secure your network. Program across sites. Access the web from anywhere, anywhere!
BrowserBox is a tiny, web-based browser that's embeddable anywhere. It's also multiplayer, allowing many clients to screen share the same browsing session at the same time. It's lightweight and fast, consuming the minimum system resources while adapting its streaming quality to take advantage of as much bandwidth as is available to provide a low-lag, responsive experience.
It's the only remote browser that works seamlessly on mobile devices, because, instead of just using a virtual desktop or VNC layer, we virtualize the browser itself and fully control every part of it, ensuring when you view BrowserBox on a mobile device, you get a mobile browser on the server.
We provide a variety of install and run options, with instructions listed in this README. They include:
./deploy-scripts/run_docker.sh
after tagging the pulled image to ghcr.io/browserbox/browserbox:latest
./deploy-scripts/run_docker.sh
directly or via bash redirect with curl (the no clone option :rocket:).git clone
and ./deploy-scripts/global_install.sh
- simple, flexible, direct. Perfect for development. See the screencast — Deploying BrowserBox from 0 to 1: "Recorded in High Definition ASCII-nema Vision"
You may run BrowserBox via a variety of easy to access means. The simplest and most stable is the full manual install. Simple spin up a VPS, VM baremetal server, or even your local device of choice and follow the instructions below and you'll be up and running in two jiffies! :joy_cat:
[!NOTE] In case you're wondering, right now we don't track any telemetry at all. Not even that email address you'll enter. We plan to, in future one day, begin collecting at least your email, for the following purpose only: to very cautiously and tripatiously invite you to join a mailing list to receive updates on BrowserBox. But not today.
To run BrowserBox docker easily you need to use the included run script: ./deploy-scripts/run_docker.sh PORT HOST EMAIL
and follow the instructions.
[!NOTE] We use a run script to avoid you needing to manually bridge a range of ports, run the correct command, and ensure HTTPS certificates are set up across a range of deployment scenarios. Worry not, our intrepid
run_docker.sh
script will guide you through everything you need.
You can get started right away, just follow the prompts when you run the below to install and run the latest BrowserBox on Docker:
bash <(curl -s https://raw.githubusercontent.com/BrowserBox/BrowserBox/boss/deploy-scripts/run_docker.sh) 9999 my-browser.example.com me@example.com
[!TIP] That's all you need! Just ensure you replace the examples values above with the correct
PORT
,HOST
, and
PORT
is the main port where BrowserBox will run.HOST
is the hostname of the server where BrowserBox will run. It can either be localhost or a fully-qualified domain name, backed by a DNA a record.EMAIL
is your email address, to agree to our terms1 and LetsEncrypt's terms2[!WARNING] Apple macOS users may find the Docker version to be the least stable. A common problem encountered when running BrowserBox Docker on macOS is tabs inexplicably freeze on occasion. A workaround is to close the problem tab, and resume in a new tab. This issues does not occur in BrowserBox Docker on other systems.
If you want, you can run a specific version manually, even pull it from Docker Hub. Just make sure you tag it as ghcr.io/dosyago/browserbox:latest
, so you can run it via the (very much necessary) run_script:
docker pull dosyago/browserbox:v7.1.2
docker tag dosyago/browserbox:v7.1.2 ghcr.io/browserbox/browserbox:latest
PORT=9999
HOST=browserbox.example.com
EMAIL=j.citizen@example.com
bash <(curl -s https://raw.githubusercontent.com/BrowserBox/BrowserBox/boss/deploy-scripts/run_docker.sh) $PORT $HOST $EMAIL
Alternately you can clone the repository first and run the script direclty, like so:
git clone https://github.com/BrowserBox/BrowserBox
cd BrowserBox
./deploy-scripts/run_docker.sh $PORT $HOST $EMAIL
By far the easiest and most fun method, 1-Click-Deploy BrowserBox is ready to deploy today on a number of popular cloud providers. See below for details. Just click the links to start your deployment and you'll be up and running in no time!
[!NOTE] There's no licensing fees for personal use so all you pay are your own cloud costs. Just use one of the cloud providers below to start browsing the web from a safe distance!
What are you waiting for? Give it a try now!
Vultr | AWS | Linode |
Azure Quickstart
(recommended*) | |
---|---|---|---|---|
Deploy |
Deploy to Vultr |
Deploy to AWS |
Deploy to Linode |
Quickstart Template |
If you have issues with your deployment, it's a good idea check the cloud provider status page:
It's also a great idea to check cloud ping test (internet speed and round-trip time) sites before you create your 1-click deployment to create in the cloud region with the lowest ping for you.
If you encounter any issues at all or wish to discuss licenses or customizations, or anything else, reach out to us at support@dosyago.com.
* Azure is our recommended option because it makes deployment easieset: no need to add a separate DNS record for your instance; and Azure even emails you when the deployment is complete!
Before we show you the step by step instructions, we'll just show you the whole thing, in one block:
git clone https://github.com/BrowserBox/BrowserBox.git
cd BrowserBox
./deploy-scripts/wait_for_hostname.sh my.awesome.host.com
./deploy-scripts/global_install.sh my.awesome.host.com my-email@address.com
setup_bbpro --port 8080 > my.login.link.txt
bbpro
cat my.login.link.txt
You can try this right now if you just want to try it out, and don't care about getting the rights certificates for production or accessing over the public internet.
The above commands will download, install, setup and start BrowserBox, as well as output your login link for you. Open that link (which looks like: https://localhost:8080/login?token=csdkjhvsdfkjhv3498ysdf) in your regular browser.
To stop your instance just issue the stop_bbpro
command.
[!TIP] The above simple method uses
my.awesome.host.com
as the hostname for your BrowserBox instance. You'll need to ensure you've set a DNS A record frommy.awesome.host.com
or your actual full domain name, to the IP address of the machine you're running BrowserBox on.
Now, let's show you the full manual install.
git clone https://github.com/BrowserBox/BrowserBox.git
cd BrowserBox
Check that your hostname (you were creative so you picked: my.awesome.host.com) resolves by running:
./deploy-scripts/wait_for_hostname.sh my.awesome.host.com
Run the install script using your instance's full domain name and your email address. Email is for agreeing to our terms and the HTTPS certificate provider's (aka LetsEncrypt's) terms. We don't spam you! We may send you a product announce in future tho, or invite you to join a list, but such a vile transgression of the sanctity of your holy email space would be an exceedingly rare, and cautiously approached, occurrence!
./deploy-scripts/global_install.sh my.awesome.host.name.com my-rockin@email.address.com
this will take you through the attended install where you'll need to follow prompts. To just get the defaults (good idea), you can alter that command slightly to be a yes person for you :joy_cat::
yes | ./deploy-scripts/global_install.sh my.so-awesome.host.name.com my-rockin@email.address.com
The above will run an unattended install, where it does everything for you, and you can go away and fix yourself a delicious beverage, or what not.
[!TIP] The user you install with will need
sudo
capabilities. But you do not needsudo
caps to run BrowserBox once it is already installed.
As soon as installation completes you'll be ready to run BrowserBox using the following two key commands:
setup_bbpro --port 9999
bbpro
setup_bbpro
will setup BrowserBox to bind to port 9999 (plus two either side for all its services. So ports 9997 through 10001 in this case).And will also return your very valuable, secret and crucial login link. This is your only way to access your BrowserBox. We save it to $HOME/.config/dosyago/bbpro/login.link
if you lost it. Treat it like an screen sharing invite link, anyone you share that link with will be able to share, watch and drive your BrowserBox session, just like you. It's a free for all! Some may call it a melee. :joy:
bbpro
will start BrowserBox. Give it a couple seconds to start up.
Our new maintenance release has just landed and includes a range of minor improvements to stability across the diverse OS platforms supported by BrowserBox, including 1-Click deploy. Of note are the support of unprivileged users, and a drastic speedup of install times for the full (including doc viewer) install. Read more here.
We've also translated a brief README introduction to BrowserBox into a few languages. See the links at the top of the README for a version that might be in your preferred language.
A few tips for development:
./deploy-scripts/build_docker.sh
to build the Docker image. We build on macOS using Docker Desktop. Building on other platforms is not officially supported, tho we are open to reviewing a PR that adds a Podman build script.npm test
in the root directory runs the copy of BrowserBox in the current directory. bbpro
runs the globally installed copy. setup_bbpro
(equivalently: ./deploy-scripts/_setup_bbpro.sh
) configures BrowserBox and applies to any copy you run, regardless of whether you run with npm test
, or bbpro
../src/common.js
DEBUG.mode
key to dev
uses the unbundled, unminified client code in ./src/public/voodoo
. Ensure you do this if you want to modify client-side code.Contributors and developers take a look at these source diagrams of BrowserBox.
They contain 3 main parts: Back-end (Zombie Lord), Front-end (Voodoo), User-interface
Zombie-Lord is the back-end. It controls, and senses the browser and all interactions and state related to it.
Click for an Interactive version of the above 3D back-end graph.
Voodoo is the client. It contains all client-side logic, interprets human-side user events, and presents notices from the browser-side.
Click for an Interactive version of the above 3D front-end graph.
And neither of these above creations includes the Good.HTML view framework, which begins at src/public/voodoo/src/components and contains all the UI logic and components to present the UI.
Taken together these 3 parts comprise BrowserBox Remote Browser.
We just launched on the Vultr Marketplace!
Vultr is a cloud services provider offering a wide range of scalable, high-performance computing resources and solutions for businesses and developers, with affordable prices in over 30 regions around the globe. The Vultr Marketplace is a burgeoning cloud marketplace with around 100 vetted vendors and apps.
Deploy BrowserBox to the cloud instantly!
There's no licensing fees for personal use so all you pay are your own cloud costs. Just use one of the cloud providers below to start browsing the web from a safe distance!
What are you waiting for? Give it a try now!
Vultr | AWS | Linode |
Azure Quickstart
(recommended*) | |
---|---|---|---|---|
Deploy |
Deploy to Vultr |
Deploy to AWS |
Deploy to Linode |
Quickstart Template |
If you have issues with your deployment, it's a good idea check the cloud provider status page:
It's also a great idea to check cloud ping test (internet speed and round-trip time) sites before you create your 1-click deployment to create in the cloud region with the lowest ping for you.
* Azure is our recommended option because it makes deployment easieset: no need to add a separate DNS record for your instance; and Azure even emails you when the deployment is complete!
The v7.1 release includes all the updates from the latest 7-series major release plus a few more.
Key points on the v7.1 release are below:
BrowserBox's secure document viewer for content-disarm and reconstruction-based secure viewing of all PDFs, DOCX, XLS, and many other document formats, right in the browser!
[!TIP] Once the document has downloaded, a popup window will open where you can see the conversion status and eventually view the document. If that doesn't happen, look for a warning about "popup blocked", in which case you'll need to "allow popups" on your browser in order to see it. If this happens, click the download link again to give the doc viewer window another chance to reopen.
Due to customer requests, BrowserBox's Secure Document Viewer is now enabled by default! Please note that this will cause installation to take longer as many font packages are installed to ensure the correct display of a variety of document formats including: PDF, DOCX and more!
BrowserBox has just landed support for Windows and we're on PowerShell Gallery. Including Windows 11 and Windows Server 2022. Other platforms will be rolled out as they are tested. See the table below:
Windows Edition | Compatibility |
---|---|
Windows Server 2022 | ✅ |
Windows Server 2019 | ✅ |
Windows 11 | ✅ |
Windows 10 | ✅ |
To install and run on Windows, first do the following in PowerShell as Administrator:
# you may need the following 2 lines to install from PSGallery
# if your package managers need updating
Set-ExecutionPolicy Bypass
Install-PackageProvider Nuget -Force
Install-Module -Name PowerShellGet -Force
Then close and reopen your PowerShell session, and run as regular user:
# the main part to install BrowserBox installer
Install-Module -Name BrowserBox-Installer
Then
Import-Module BrowserBox-Installer
Install-BrowserBox
When prompted enter the Domain name
that will point to your Windows instance, and your Email address
for agreeing to our terms, and LetsEncrypt terms. Then, configure your BrowserBox instance (-Port
and optionally -Token
for the login link):
Initialize-BrowserBox -Port 8080
[!NOTE] While BrowserBox opens ports on the operating system, if your cloud uses external firewalls, ensure ports
Port-2
throughPort+2
(8078-8082 in the example above) are opened in your control panel.
After running Initialize-Browserbox
you'll have your login link and you'll be ready to start BrowserBox and connect.
Finally, to start 'er up, type:
Start-BrowserBox
And open your login-link in any modern browser anywhere. Note that if you're connected over RDP this step will disconnect your RDP session as we perform some voodoo-foo in order to utilize the pre-existing and good RDP Audio Driver in a way that lets us retain an audio stream even when you're not connected to your server.
[!TIP] If you have trouble with the initial install module step (message aboutNuGet versions), this is probably a PS issue, so try (elevated):
Install-PackageProvider Nuget -Force
Install-Module -Name PowerShellGet -Force
Then restart (close and reopen) your PowerShell session and try again.
Any other issues with the installation on Windows then please open an issue or reach out to us at anytime at email or Signal
We're currently increasing our support for marketplaces and one-click-deploy, we've just been included in Azure Quickstart Samples.
Soon, we're also launching on the Vultr Marketplace. So, come one come all and check us out! 🥇😄
We've just added support for Azure Templates so you can click the Deploy buttons below to immediately create your BrowserBox instance.
Alternately, find us via Microsoft Code Samples search or directly in the Azure Quickstarts portal.
Easy Deployment! :pinata:
Step | Outcome | Result |
---|---|---|
1 |
or | ✅ |
2 | then Unlock tremendous value. | ✅ |
Distribution | Compatibility |
---|---|
macOS 13 | ✅ |
Fedora 39 | ✅ |
RHEL 8 | ✅ |
CentOS 9 | ✅ |
CentOS 8 | ✅ |
Kali | ✅ |
Almalinux 9 | ✅ |
Almalinux 8 | ✅ |
Debian 12 | ✅ |
Debian 11 | ✅ |
Ubuntu 23 | ✅ |
Ubuntu 22 | ✅ |
Amazon Linux 2023 | ✅ |
Amazon Linux 2 | ✅ |
Browser | Compatibility | Desktop | Android | iOS |
---|---|---|---|---|
Firefox | ✅ | ✅ | ✅ | ✅ |
Chrome | ✅ | ✅ | ✅ | ✅ |
Safari | ✅ | ✅ | N/A | ✅ |
Edge | ✅ | ✅ | ✅ | ✅ |
Brave | ✅ | ✅ | ✅ | ✅ |
Tor Browser | ✅ | ✅ | ✅ | ✅ |
We're excited to announce the release of our Azure Resource Manager (ARM) template! We're also excited to announce the release of our AWS CloudFormation template and our Linode StackScript, designed to simplify the deployment of BrowserBox instances on AWS and Linode. Seamlessly launch your BrowserBox in the cloud with these easy-to-use templates.
Vultr | AWS | Linode | Azure Quickstart | |
---|---|---|---|---|
Deploy |
Deploy to Vultr |
Deploy to AWS |
Deploy to Linode |
Quickstart Template |
:gem: Deploy to Azure
Ready to tap the awesome power of Azure to run your BrowserBox instances?
Now you can, simple and easily.
Use our ARM template to get started quickly.
🚀 Deploy on AWS
Ready to launch BrowserBox on AWS EC2?
Use our CloudFormation template to get started quickly.
Or pick your specific region below:
Click the link below corresponding to your preferred AWS Region. You will be asked a few questions about services like VPC, Hostname, etc; if you have no idea how to answer, reach out at support@dosyago.com and we'll be happy to help.
Region | Launch BrowserBox |
---|---|
N. Virginia (us-east-1) | |
Ohio (us-east-2) | |
N. California (us-west-1) | |
Oregon (us-west-2) |
Region | Launch BrowserBox |
---|---|
Frankfurt (eu-central-1) | |
Ireland (eu-west-1) | |
London (eu-west-2) | |
Paris (eu-west-3) | |
Stockholm (eu-north-1) | |
Milan (eu-south-1) |
Region | Launch BrowserBox |
---|---|
Tokyo (ap-northeast-1) | |
Seoul (ap-northeast-2) | |
Osaka (ap-northeast-3) | |
Singapore (ap-southeast-1) | |
Sydney (ap-southeast-2) | |
Hong Kong (ap-east-1) | |
Mumbai (ap-south-1) |
Region | Launch BrowserBox |
---|---|
São Paulo (sa-east-1) |
Region | Launch BrowserBox |
---|---|
Central (ca-central-1) |
We've also got you covered on Linode!
🌐 Linode StackScript: Prefer Linode as your cloud service provider? Deploy a new Linode instance pre-configured with BrowserBox. Deploy your BrowserBox on Linode.
Remember: You'll need to create your DNS hostname record to point to your EC2 or Linode instance's IP, after you set it up. Supply the hostname you will use to these templates. The nascent instance will wait up to 1 hour for the hostname to resolve to its IP.
Please note: we mostly work with Debian 12, CentOS 9, Amazon Linux, Ubuntu and MacOS, so while BrowserBox should work on other compatible distributions, if it doesn't please let us know. If you encounter any issues at all, then open an issue or email support@dosyago.com and we'll do our best to help you out!
tor-iframe:
<iframe src="https://mybrowserbox.server.com:9999/login?token=cviuygf3498tysifud&ui=false&url=["https://check.torproject.org"]"
style="border:none; width:100%; height:100%;"
allowfullscreen
scrolling="no">
</iframe>
On server:
$ IFRAME_LINK=$(setup_bbpro -p 9999 --ontor)
You can now browse the web through Tor when using BrowserBox. BrowserBox also supports running itself as a Tor hidden service, so you can access your BrowserBox instances over the Tor network.
We're thrilled to announce the following major updates to BrowserBox that will enhance your user experience and streamline your workflow!
We are excited to announce that BrowserBox now supports Tor, providing you with a more private and secure browsing experience. This feature is still in alpha, but we're committed to continuously improving it to match the security level of the Tor Browser over time.
Key Features:
.onion
websites seamlessly.--ontor
flag.Activate Tor in BrowserBox with this command:
$ setup_bbpro <your-normal-args> --ontor
$ bbpro
If you want to switch it off again, shut down as normal (pm2 delete all
), and re-run setup_bbpro
without the --ontor
flag.
Start exploring the web with Tor's added security.
As this Tor integration is in alpha, there are several important considerations:
Your feedback is crucial for our continuous improvement. Please report any issues or suggestions to enhance the Tor functionality on our GitHub issues page. Contributions, especially those that help achieve parity with Tor Browser's security, are highly appreciated.
Stay tuned for more updates and enhancements in BrowserBox, and as always, enjoy a secure browsing experience!
You can now install BrowserBox as a Progressive Web App (PWA) on your desktop! This means smoother performance, offline capabilities, and a more integrated experience with your operating system.
Key Benefits:
Introducing protocol links support with web+bb://
. Now, you can open links directly in BrowserBox by prefacing them with web+bb://
. This feature allows for more efficient navigation and a streamlined process to access web content.
How it Works:
web+bb://
.https://example.com
, use web+bb://https://example.com
.This update is part of our ongoing commitment to enhance BrowserBox and make your web experience as efficient and enjoyable as possible. Try out these new features and let us know what you think!
Stay tuned for more updates, and as always, happy browsing with BrowserBox!
Before starting, fork or generate this repo to your account.
Then ensure that:
To begin the action to create your BrowserBox Tor Hidden Service, click Submit New Issue, on this special issue template.
torbb
Please note you need to install from a non-root sudo-capable user. We recommend adding the appropriate NOPASSWD line to your sudoers file. For instructions see below. Also important is, if not using localhost as your hostname, you need to add your DNS A record for <hostname>
to point to the IP address of your machine before running your install script.
Alternately, use the new torbb command:
$ git clone https://github.com/BrowserBox/BrowserBox.git
$ cd BrowserBox
$ yes | ./deploy-scripts/global_install.sh <hostname|'localhost'> <email>
$ setup_bbpro --port <my_port>
$ torbb
Please note ensure you set export INSTALL_DOC_VIEWER=true
before calling the global_install
script, if you wish to have the Secure Document Viewer installed. It is off by default because the installation takes significantly longer with it installed.
💎 We're excited to announce that BrowserBox can now run as a hidden service on the Tor network! This significant update brings enhanced privacy and security, allowing you to access BrowserBox with the anonymity of Tor. Check out our Show HN post: torbb - Now with Tor, run BrowserBox as a hidden service.
New Video: Installing BrowserBox on Amazon AWS EC2 Amazon Linux
Please note you need to install from a non-root sudo-capable user. We recommend adding the appropriate NOPASSWD line to your sudoers file. For instructions see below. Also important is, if not using localhost as your hostname, you need to add your DNS A record for <hostname>
to point to the IP address of your machine before running your install script.
General install instructions:
git clone https://github.com/BrowserBox/BrowserBox.git
cd BrowserBox
./deploy-scripts/global_install.sh <hostname> <my_email>
setup_bbpro --port <my_port>
bbpro
November 4 2023: New version released. Docker image v6.
First ensure you have docker installed and running! :) Then run:
PORT=8080 # or your preferred port
bash <(curl -s https://raw.githubusercontent.com/BrowserBox/BrowserBox/e300055d5dc3e6c6edc1c89d6221792ab08286de/deploy-scripts/run_docker.sh) $PORT
That's it! Follow the prompts to set up certificates and it will emit a link that you can send open in any web browser.
Update: Docker image now works on macOS!!! 🎉
Steps:
By default the remain open for 5 minutes, but you can make that longer by editing the workflow YAML file. Each minute used counts against your GitHub actions quota. Also, don't do anything abusive with this, remember you are browsing the web from inside GitHub's infrastructure (actions runners), so treat them with respect!
Limitations: no audio, no DevTools, no docviewer (Because the ports are not accesible, although the services are running)
BrowserBox is a leading-edge solution in the Zero Trust landscape, enabling embeddable multiplayer browsers in any web page on any device. Our cybersecurity focus is on ensuring that every web interaction is treated as potentially hostile, and isolating it, so that we protect your devices and network from harm.
Cross-platform status:
Platform | Status |
---|---|
Docker | ✅ |
Ubuntu | ✅ |
Debian | ✅ |
CentOS 9 | ✅ |
macOS | ✅ |
Amazon Linux (AWS EC2). | ✅ |
Windows | ✅ |
Windows WSL | ✅ |
Content delivery services status:
Channel | Browser Service | Audio | Secure Document Viewer | Remote DevTools | WebRTC |
---|---|---|---|---|---|
HTTPS/DNS | ✅ | ✅ | ✅ | ✅ | ✅ |
Installed Web App (PWA) | ✅ | ✅ | ✅ | ✅ | ✅ |
Tor Hidden Service | ✅ | ✅ | ✅ | ✅ | ❌ |
SSH Tunnel | ✅ | ✅ | ✅ | ✅ | ✅ |
ngrok* | ✅ | ❌ | ❌ | ❌ | ✅ |
*audio, doc viewer, remote devtools not currently configured to work with ngrok, but support will be added in future.
By leveraging the principles of Remote Browser Isolation (RBI), real-time streaming and collaborative browserin (co-browsing or "multiplayer browsers"), BrowserBoxPro ensures that no web content directly interacts with the end user's device, while remaining accessible through a shareable, collaborative interface.
This guide will walk you through the seamless integration of BrowserBoxPro into your Zero Trust architecture.
In the evolving cybersecurity landscape, the Zero Trust model has emerged as a cornerstone. By assuming no trust by default and verifying every access request irrespective of its source, Zero Trust ensures robust security. BrowserBoxPro is at the forefront of this paradigm shift, offering:
For the latest on how BrowserBox is shaping the Zero Trust landscape, visit our Company Blog.
Before diving in, ensure you have docker installed!
Deploying BrowserBoxPro within a Zero Trust framework is straightforward:
Obtain the latest Docker container for BrowserBoxPro from our packages page on GitHub Container Registry.
Deploy the Docker container using our Zero Trust compliant run script. Choose a primary port number ($PORT
) ensuring two extra ports are free both preceding and succeeding $PORT
. Deploy by running:
PORT=8080 # or your preferred port
bash <(curl -s https://raw.githubusercontent.com/BrowserBox/BrowserBox/2034ab18fd5410f3cd78b6d1d1ae8d099e8cf9e1/deploy-scripts/run_docker.sh) $PORT
Upon successful deployment, BrowserBoxPro will be operational, reinforcing your Zero Trust strategy. Access the browser using the provided login link: https://<your-host>:$PORT/login?token=<random token>
.
For support or to purchase licenses, connect with us at sales@dosyago.com or visit: https://dosyago.com.
🌟 Video Installation Guide for Pro: https://youtu.be/cGUJCCPDWNE
For detailed information and progress updates, please refer to the official documentation.
Follow these instructions to install BrowserBoxPro on your system.
Before installing BrowserBox, ensure that your system meets the following minimum requirements:
we assume Debian or Ubuntu in the below but the install process works on CentOS, Fedora, Kali, Ubuntu, RedHat, macOS, Almalinux and Amazon Linux. For supported versions of these operating systems see this table.
First, update your distribution:
apt update && apt -y upgrade
And install a few basic tools:
apt install curl git wget
Now, prepare the machine by following these steps:
Create a new user to operate BrowserBox:
adduser pro
Disable the password for the newly created user:
usermod -L pro
Create a new group for sudo privileges:
addgroup sudoers
Add the following line to the sudoers file to avoid entering a password for sudo operations:
%sudoers ALL=(ALL) NOPASSWD:ALL
Use the visudo
command to edit the sudoers file.
Grant sudo privileges to the user:
usermod -aG sudoers pro
Switch to the pro
user by executing the following command:
su - pro
Follow these steps to install BrowserBoxPro:
Clone the BrowserBox repository:
git clone https://github.com/BrowserBox/BrowserBox
Navigate to the cloned repository:
cd BrowserBox
Run the global installation script, replacing <domain_name>
with your domain name that points to the machine you're setting up (if you want to use it without a domain name, just use localhost
here for the domain name, but you'll still need to copy the correct mkcert localsthost certificates to $HOME/sslcerts later). Use your <email>
to agree to our terms and the LetsEncrypt terms:
./deploy-scripts/global_install.sh <domain_name> <email>
Start the main service on port 8080 and generate the login link:
setup_bbpro --port 8080
Launch BrowserBox:
bbpro
During the installation process, BrowserBox will automatically install the required dependencies and configure the necessary settings.
BrowserBoxPro isn't just a tool; it's a comprehensive solution designed to fit seamlessly into a Zero Trust architecture. Here's how:
<WebView>
tag.<iframe>
without cross-origin restrictions.For a comprehensive list of features and their availability in BrowserBoxPro, refer to the feature table below.
BrowserBox offers an array of advanced features that set it apart from other versions of remote browser isolation. With fully source-available code, non-commercial use for free, frequent updates and cutting-edge technology, BrowserBox provides an enhanced browsing experience with superior rendering, top-tier graphics, and minimal lag. Here are the key features of BrowserBox Pro:
<iframe>
(Pro exclusive)These features make BrowserBox the ideal choice for businesses and organizations looking to enhance their cybersecurity, privacy, and browsing capabilities.
For more information about commercial options and licensing, please refer to the relevant sections below.
BrowserBoxPro is licensed separately under the following licenses:
You may use BrowserBox under the terms of the Polyform Non-Commercial License 1.0
You may use BrowserBox under the terms of the Polyform Non-Commercial License 1.0
You may have created a portal through spacetime...just kidding, but you'll need to purchase a commercial license. We offer discounts in this case due to your noncommercial status.
In order to be compliant, you need to negotiate custom licenses to suit your needs. Reach out to us at licensing@dosyago.com
In order to be compliant, you need to purchase licenses. Reach out to us at licensing@dosyago.com or purchase via our website
Once purchased, you'll receive a commercial license PDF including your agreement and valid Order receipt and you will be all set to use BrowserBox in your commercial applications. With the purchase of a commercial license:
Please note that we cannot transact with sanctioned countries, entities or individuals.
Commercial Licenses are priced per seat. A seat is someone who uses the BrowserBox system, either in an internal application (like secure email attachment viewing), or an external customer-facing application (such as a customer of your remote browser isolation product). Commercial Licenses come in two flavors:
License Pack Available in multiple sizes, from the small to the truly epic, with commensurately epic discounts at scale. These are purchasable at our main website.
You can purchase either per-named-user or per-concurrent-user. Licenses available on our website are currently for named users. Purchase concurrent user licenses by contacting us at licensing@dosyago.com
By obtaining a commercial license, you gain the freedom to tailor BrowserBox to your specific requirements and integrate it seamlessly into your workflow. This empowers organizations to leverage the advanced features and capabilities of BrowserBox while maintaining full control over its customization and usage.
Support tiers and customization may be separately negotiated and purchased. To discuss your needs, please reach out to our helpful support team here.
Are you an OEM and want to deploy BBPro on a hardware device that you sell to your customers? Contact us for special access to Appliance License pricing with Volume Discounts. This pricing sheet and terms are tailored to suit OEM's delivering security products for business and industry. Please note that if you are supplying government or other non-commercial users you cannot "pass through" DOSYAGO's non-commercial license to your customers without licensing a Commercial license from us.
Unfotunately if you or your company are an OFAC sanctioned entity or other entity sanctioned by the US Government (e.g. designated on OFAC's SDN List, BIS's DPL or Entity List, DDTC's DPL, or on the FBI's various lists, among others) we are unable to offer you a license of any form. Please note that in some cases we may conduct necessary checks to ensure sanctions compliance.
BrowserBox offers flexible licensing options to cater to different usage scenarios. As previously mentioned, BrowserBox software is available for free for non-commercial use under the PolyForm NonCommercial license. This allows individuals and non-profit organizations to enjoy the benefits of BrowserBox without any licensing fees when using the software without any participation in or anticipation of commercial application. The PolyForm NonCommercial license ensures that the software is used strictly for non-commercial purposes, unless purchasing an exemption for commercial use. Commercial use licenses are available for purchase for 1 or more seats at https://dosyago.com or by contacting sales@dosyago.com
Whether it's for non-commercial or commercial purposes, BrowserBox provides a range of licensing options to accommodate different user needs and ensure a secure and powerful browsing experience.
See our website for accurate latest pricing or reach out to us, but here is a summary below:
License Type | Quantity | Price Per Unit/Pack | Includes |
---|---|---|---|
Yearly | Up to 1 | $84/seat/year |
|
Yearly | 2-50 | $64.92 | Same as above |
Yearly | 51-500 | $46.25 | Same as above |
Yearly | 501-5000 | $35.58 | Same as above |
Yearly | 5001-100000 | $10.67 | Same as above |
Yearly | 100001+ | $9.99 | Same as above |
Perpetual | 10-pack | $1,947.60 |
|
Perpetual | 100-pack | $13,875.00 | Same as above |
Perpetual | 10,000-pack | $320,100.00 | Same as above |
Notes:
In the modern digital landscape, Zero Trust isn't just a model; it's a necessity. BrowserBoxPro stands as a testament to this, offering an unparalleled browsing experience while ensuring every interaction is verified, validated, and secure.
Our commitment goes beyond just providing a product. We offer a partnership, ensuring that as the cybersecurity landscape evolves, so do our solutions. With BrowserBoxPro, you're not just adopting a tool; you're embracing a future where every interaction is secure.
Join us in navigating the Zero Trust landscape. Secure your commercial license today and fortify your cybersecurity strategy with BrowserBoxPro.
This project is copyright The Dosyago Corporation 2018-2023. All rights reserved.
For detailed information and progress updates, please refer to: https://github.com/BrowserBox/BrowserBox.
DOSYAGO Terms, Privacy Policy and the BrowserBox License ↩
LetsEncrypt is a registered trademark of ISRG and there is no affiliation, or endorsement with BrowserBox or DOSYAGO ↩
FAQs
BrowserBox - interactive images that embed web contents. A WebView for the open web, an unrestricted IFRAME element, a CORS-proxy, and reverse proxy. Secure remote browser isolation and document viewer, by DOSAYGO.
The npm package @browserbox/browserbox receives a total of 277 weekly downloads. As such, @browserbox/browserbox popularity was classified as not popular.
We found that @browserbox/browserbox demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 0 open source maintainers collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Research
Security News
Socket’s threat research team has detected six malicious npm packages typosquatting popular libraries to insert SSH backdoors.
Security News
MITRE's 2024 CWE Top 25 highlights critical software vulnerabilities like XSS, SQL Injection, and CSRF, reflecting shifts due to a refined ranking methodology.
Security News
In this segment of the Risky Business podcast, Feross Aboukhadijeh and Patrick Gray discuss the challenges of tracking malware discovered in open source softare.